This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa File: 52630693-0f5d-4126-ba07-ad0c0c999660.roa (raw, json) Hash identifier: 2iOLyC3G1eZNFDbsGab8zNSkopdtR/yfSEjc9S0Hz8o= Subject key identifier: DE:B1:64:11:79:29:6B:F4:C8:A9:6D:39:2D:0F:6D:26:40:C5:82:B4 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 07C9DB06D4A6688B9D0745F1F63B5C16794B763A Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa Signing time: Wed 10 Dec 2025 06:00:43 +0000 ROA not before: Wed 10 Dec 2025 06:00:43 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d071:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:c9:db:06:d4:a6:68:8b:9d:07:45:f1:f6:3b:5c:16:79:4b:76:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:00:43 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=92c0635739d0a3dfac8ab64f1c4ede21a0f709394dc1f1a7a8d9abcd7e739cdc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:69:53:73:47:aa:82:f9:75:ee:f9:6b:44:65: eb:78:28:4e:f0:f7:41:c8:ef:8b:b6:bd:61:4e:e2: 17:e7:3f:65:b9:8d:37:27:59:3d:a2:8d:18:30:cc: f4:9d:f4:75:42:1c:3b:f6:de:e8:0c:9c:16:ec:35: 00:b2:12:d9:31:0b:78:6b:fc:9b:52:f6:92:78:f7: e3:61:05:3f:4d:32:f7:10:2a:7e:dc:d9:cf:78:83: 69:51:da:8a:d1:17:ae:d3:e2:1f:b6:32:f5:48:f5: d2:f9:5c:18:34:7b:45:48:dc:cf:d1:8c:49:08:bf: e1:22:9c:b0:ad:fe:77:e7:71:b0:1c:7f:f1:89:2a: c6:18:55:2e:bf:b0:09:f7:53:22:16:95:ae:db:21: 93:de:71:26:c2:6a:91:05:81:24:08:e3:77:79:47: 9e:b5:a7:6d:ba:26:a0:a6:d2:f4:37:a9:d4:b8:49: 50:89:d3:4d:ab:7c:dc:ba:04:c7:c7:3e:a3:0a:ec: c6:48:41:14:b3:29:0a:86:f7:47:15:e6:44:3e:3a: c1:5a:29:96:c4:6c:59:fe:99:9b:7b:d9:d8:cc:9a: a3:bf:df:4e:9e:33:eb:e1:de:b1:ef:c2:cb:73:2a: f7:78:37:e5:4c:2f:96:19:4d:f2:db:c2:e9:70:5d: 4f:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:B1:64:11:79:29:6B:F4:C8:A9:6D:39:2D:0F:6D:26:40:C5:82:B4 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d071:e000::/40 Signature Algorithm: sha256WithRSAEncryption 9c:33:16:b4:45:1c:32:67:1a:92:bc:04:42:27:79:41:52:c3: 00:fe:0c:51:ee:0c:1a:f2:fd:09:e8:31:0f:ec:9a:b3:b3:0c: 21:10:00:30:9f:f4:22:71:b8:ce:25:f5:bd:65:7d:c7:57:ee: b3:79:a2:6c:df:cc:f7:fc:dd:9e:73:10:52:c1:05:20:b0:cf: 6e:e3:04:37:26:1c:f0:ca:6b:7b:27:8d:02:fc:80:34:a3:22: 26:d7:81:5c:3d:16:18:82:9e:5e:25:1d:45:30:09:81:45:0f: 56:94:2b:e7:ad:1b:de:d1:88:e7:aa:18:ab:4a:a6:04:16:ec: 43:fb:8d:79:4f:a1:e6:58:7b:a1:32:59:39:c1:99:fa:f0:02: ed:de:7e:2e:e3:d1:75:3c:d4:f1:e6:fc:75:b2:a1:5a:94:d7: df:be:74:1b:fc:d9:cb:db:c6:47:8e:fa:28:03:4b:50:f1:d3: 01:87:0e:88:b1:70:bf:d9:ce:a3:dc:65:5b:39:53:73:7e:04: 13:46:90:e3:09:55:67:e4:0e:c6:33:f9:d7:ff:58:d4:db:be: af:5b:dd:7f:57:cd:66:e0:f4:c1:b9:39:fd:f5:94:9f:f7:ff: 7c:dd:b2:86:08:8f:80:11:e3:51:69:f5:1b:b7:41:17:85:cf: 1f:64:46:1d -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgIUB8nbBtSmaIudB0Xx9jtcFnlLdjowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjAwNDNaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDkyYzA2MzU3MzlkMGEzZGZhYzhhYjY0ZjFjNGVkZTIxYTBmNzA5Mzk0ZGMx ZjFhN2E4ZDlhYmNkN2U3MzljZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMNpU3NHqoL5de75a0Rl63goTvD3Qcjvi7a9YU7iF+c/ZbmNNydZPaKNGDDM 9J30dUIcO/be6AycFuw1ALIS2TELeGv8m1L2knj342EFP00y9xAqftzZz3iDaVHa itEXrtPiH7Yy9Uj10vlcGDR7RUjcz9GMSQi/4SKcsK3+d+dxsBx/8YkqxhhVLr+w CfdTIhaVrtshk95xJsJqkQWBJAjjd3lHnrWnbbomoKbS9Dep1LhJUInTTat83LoE x8c+owrsxkhBFLMpCob3RxXmRD46wVoplsRsWf6Zm3vZ2Myao7/fTp4z6+Hese/C y3Mq93g35UwvlhlN8tvC6XBdT2UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTesWQR eSlr9MipbTktD20mQMWCtDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv NTI2MzA2OTMtMGY1ZC00MTI2LWJhMDctYWQwYzBjOTk5NjYwLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HHg MA0GCSqGSIb3DQEBCwUAA4IBAQCcMxa0RRwyZxqSvARCJ3lBUsMA/gxR7gwa8v0J 6DEP7JqzswwhEAAwn/QicbjOJfW9ZX3HV+6zeaJs38z3/N2ecxBSwQUgsM9u4wQ3 Jhzwymt7J40C/IA0oyIm14FcPRYYgp5eJR1FMAmBRQ9WlCvnrRve0YjnqhirSqYE FuxD+415T6HmWHuhMlk5wZn68ALt3n4u49F1PNTx5vx1sqFalNffvnQb/NnL28ZH jvooA0tQ8dMBhw6IsXC/2c6j3GVbOVNzfgQTRpDjCVVn5A7GM/nX/1jU276vW91/ V81m4PTBuTn99ZSf9/983bKGCI+AEeNRafUbt0EXhc8fZEYd -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:08 2026 by rpki-client